CVE-2026-12104 Authenticated OS Command Injection in Bondix

OS command injection in the environment and tunnel configuration functionality in SIMA GmbH Bondix through version 1.25.7.5 on Linux allows an authenticated attacker with configuration write access to execute arbitrary operating-system commands via crafted configuration values passed to server-si...

CVE-2026-12104

Bondix by SIMA GmbH (Linux) up to version 1.25.7.5 is affected by an authenticated OS command injection in environment and tunnel configuration handling. An attacker with configuration write access can pass crafted values to server-side scripts to execute arbitrary OS commands. The vulnerability ...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : GitPython vulnerabilities (USN-8303-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8303-1 advisory. Santos Gallegos discovered that GitPython did not properly validate paths when...

CVE-2026-8856

IBM HTTP Server 8.5 and 9.0 are affected by CVE-2026-8856, a denial-of-service condition triggered when an attacker with write access to parts of the server configuration can consume resources. The IBM Security Bulletin lists this CVE among multiple vulnerabilities in IBM HTTP Server (bundled wit...

CVE-2026-8856 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

CVE-2026-8856 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

CVE-2026-44774 Traefik: Gateway API TraefikService backend accepts rest@internal, allowing unauthorized exposure of the REST provider despite providers.rest.insecure=false

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.46, 3.6.17, and 3.7.1, Traefik's Kubernetes Gateway API provider allows a tenant with HTTPRoute creation permissions to expose the REST provider handler, bypassing the providers.rest.insecure=false setting. The Gateway provider...

Traefik 访问控制错误漏洞

Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Versions prior to Traefik 2.11.46, 3.6.17, and 3.7.1 contained a access control vulnerability. This vulnerability stemmed from the Kubernetes Gateway API provider, which allowed tenants with permission to create...

CVE-2026-45147

SiYuan before 3.7.0 is vulnerable: POST /api/tag/getTag is registered with model.CheckAuth only, omitting CheckAdminRole and CheckReadonly, allowing any authenticated user to pass a sort parameter that mutates Conf.Tag.Sort and triggers model.Conf.Save(), which rewrites the entire workspace conf....

EUVD-2026-28367

The Optoma CinemaX P2 projector firmware TVOS-04.24.010.04.01, Android 8.0.0 exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports both reading configuration 74 endpoints and writing/modifying settings including volume, mute,...

CVE-2026-30496

The Optoma CinemaX P2 projector firmware TVOS-04.24.010.04.01, Android 8.0.0 exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports both reading configuration 74 endpoints and writing/modifying settings including volume, mute,...

EUVD-2026-23992

Glances has CQL Injection in its Cassandra Export Module via Unsanitized Config Values...

CVE-2026-32976

OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing channel commands to mutate protected sibling-account configuration despite configWrites restrictions. Attackers with authorized access on one account can execute channel commands like /config set channels..accounts...

CVE-2026-28393

OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings.transform.module parameter accepts absolute paths and traversal sequences, enabling attackers with configuration...

CVE-2026-28393

OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings.transform.module parameter accepts absolute paths and traversal sequences, enabling attackers with configuration...

CVE-2026-28393

OpenClaw 2.0.0-beta3 through 2026.2.13 contains a path-traversal vulnerability in the hook transform module loading (hooks.mappings[].transform.module) that allows loading and executing arbitrary JavaScript with gateway process privileges when an attacker can modify configuration. The issue arise...

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the function saveConfigFile in the file HealthUtils.java, where a failed configuration file write triggers. An attacker can gain unauthorized access to system credentials by accessing...

GHSA-V75G-77VF-6JJQ Para Server Logs Sensitive Information

CWE ID: CWE-532 Insertion of Sensitive Information into Log File CVSS: 7.5 High Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Component: Para Server Initialization Logging Version: Para v1.50.6 File Path:...

VulnCheck KEV: CVE-2023-24055

KeePass through 2.53 in a default installation allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who...

HyperKit 代码问题漏洞

HyperKit is a Moby open source toolkit for embedding virtual machine monitor functionality in applications. A security vulnerability exists in HyperKit 0.20210107 and earlier versions, which stems from vipciwrite calls to vccfgwrite, which does not check for null, and when called causes the host ...